<?php
// Field list request: when the 'LinhVuc' parameter is present (its value is not read),
// print the checkbox table produced by getField().
if (isset($_REQUEST['LinhVuc'])) {
	getField();
}

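// Captcha pre-check: compares the submitted 'maxn' value with the code kept in the session.
// Prints 1 on a match, otherwise the red error markup.
if(isset($_REQUEST['maxn']))
{
	session_start();
	$maXacNhan = $_REQUEST['maxn'];

	// The session may hold no code yet (new or expired session). Reading the key unguarded
	// raised a notice and yielded null, and a loose comparison treats null as equal to an
	// empty submission, so a missing code must count as a failed check.
	$security_code = isset($_SESSION['security_code']) ? $_SESSION['security_code'] : null;
	$hasCode = $security_code !== null && $security_code !== '';

	// A request parameter can arrive as an array (maxn[]=...); only a plain string can match.
	if($hasCode && is_string($maXacNhan) && KTMaXacNhan($maXacNhan,$security_code))
	{
		echo 1;
	}
	else
	{
		echo "<font color='red'> * Mã xác nhận không chính xác</font>";
	}//end if

	// NOTE(review): the stored code is not invalidated here and nothing visible limits the
	// number of attempts per session. Confirm the form handler re-checks the code and that
	// it is rotated after use.
}//end if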
			
// Account recovery check: needs both 'UserName' and 'Email'; prints the integer code
// returned by KTEmailRecovery().
// NOTE(review): the distinct result codes tell an unauthenticated caller whether an email
// is registered and whether it belongs to the given name. Confirm this endpoint is
// rate-limited, or collapse the codes into a single generic answer.
if (isset($_REQUEST['UserName'], $_REQUEST['Email'])) {
	$userName = $_REQUEST['UserName'];
	$email = $_REQUEST['Email'];

	$i = KTEmailRecovery($userName, $email);
	echo $i;
}


// Login-name availability check: prints the red "already exists" markup when
// KTUsername() finds the name, otherwise prints 1.
if (isset($_REQUEST['username'])) {
	$userName = $_REQUEST['username'];

	if (!KTUsername($userName)) {
		echo 1;
	} else {
		echo "<font color='red'> * Tên đăng nhập đã tồn tại. </font>";
	}
}

			
// Email availability check: prints the red "already exists" markup when KTEmail()
// finds the address, otherwise prints 1.
if (isset($_REQUEST['mail'])) {
	$mail = $_REQUEST['mail'];

	if (!KTEmail($mail)) {
		echo 1;
	} else {
		echo "<font color='red'> * Email đã tồn tại. </font>";
	}
}

// Old-password check: needs both 'userName' and 'oldpass'; prints the integer returned
// by KTOldPass() (1 when the password matches, 0 otherwise).
// NOTE(review): the user name comes from the request, and nothing visible here ties the
// call to a logged-in session or limits attempts. Confirm callers are authenticated and
// that repeated failures are throttled.
if (isset($_REQUEST['userName'], $_REQUEST['oldpass'])) {
	$userName = $_REQUEST['userName'];
	$oldpass = $_REQUEST['oldpass'];

	$i = KTOldPass($userName, $oldpass);
	echo $i;
}
	 
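/**
 * Report whether a login name is already registered.
 *
 * Opens its own connection with the settings from ../common/db.inc and calls the
 * sp_GetUserByName stored procedure.
 *
 * @param string $name Login name to look up.
 * @return bool true when the procedure returns at least one row; false otherwise,
 *              including when the query itself fails.
 */
function KTUsername($name)
{
	include "../common/db.inc";
	$mysqli = new mysqli($host,$username,$password,$dbname);

	// Check the connection before calling any method on it.
	if(mysqli_connect_errno())
	{
		echo "Connect failed: ".mysqli_connect_errno();
		exit();
	}

	// The charset has to be set before real_escape_string(), which escapes according to it.
	$mysqli->set_charset("utf8");

	$name = $mysqli->real_escape_string($name);
	$sql="CALL sp_GetUserByName('$name')";
	$result = $mysqli->query($sql);

	// query() returns false on failure; the original dereferenced it unconditionally.
	$found = false;
	if($result instanceof mysqli_result)
	{
		$found = $result->num_rows > 0;
		$result->free();
	}

	// The original close() sat after two return statements and never ran.
	$mysqli->close();

	return $found;
}//end function KTUsername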


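/**
 * Report whether an email address is already registered.
 *
 * Opens its own connection with the settings from ../common/db.inc and calls the
 * sp_GetUserByEmail stored procedure.
 *
 * @param string $mail Email address to look up.
 * @return int|bool 1 when the procedure returns at least one row; false otherwise,
 *                  including when the query itself fails.
 */
function KTEmail($mail)
{
	include "../common/db.inc";
	$mysqli = new mysqli($host,$username,$password,$dbname);

	// Check the connection before calling any method on it.
	if(mysqli_connect_errno())
	{
		echo "Connect failed: ".mysqli_connect_errno();
		exit();
	}

	// Set the charset once (the original called set_charset twice) and before
	// real_escape_string(), which escapes according to it.
	if(!$mysqli->set_charset("utf8"))
	{
		// NOTE(review): this prints the driver error text to the client.
		echo "Lỗi load font utf8: ".$mysqli->error;
	}//end if

	$mail = $mysqli->real_escape_string($mail);
	$sql="CALL sp_GetUserByEmail('$mail')";
	$result = $mysqli->query($sql);

	// query() returns false on failure; the original dereferenced it unconditionally.
	$found = false;
	if($result instanceof mysqli_result)
	{
		$found = $result->num_rows > 0;
		$result->free();
	}

	// The original close() sat after two return statements and never ran.
	$mysqli->close();

	// Keep the original return values: 1 for "exists", false otherwise.
	return $found ? 1 : false;
}//end function KTEmail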

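/**
 * Check a submitted confirmation (captcha) code against the expected one.
 *
 * The original used a loose `==`, which accepts null against an empty string and
 * numeric-looking strings such as '1e3' against '1000'. Both values are now compared
 * as exact strings, and an empty or missing expected code never matches.
 *
 * @param mixed $ma            Code submitted by the client.
 * @param mixed $security_code Expected code.
 * @return bool true only when both values are strings or integers with identical text.
 */
function KTMaXacNhan($ma,$security_code)
{
	// Arrays, null and other types can never be a valid code.
	if(!(is_string($ma) || is_int($ma)))
	{
		return false;
	}//end if

	if(!(is_string($security_code) || is_int($security_code)))
	{
		return false;
	}//end if

	$expected = (string)$security_code;
	if($expected === '')
	{
		return false;
	}//end if

	// hash_equals() compares in constant time with respect to the submitted value.
	return hash_equals($expected, (string)$ma);
}// end function KTMaXacNhan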
	
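/**
 * Print an HTML table of checkboxes, three per row, one for each row returned by
 * the sp_GetAllField stored procedure.
 *
 * Each checkbox is named checkbox[] with the row's ID as its value and the row's
 * Name as its label. Output is written directly with echo; nothing is returned.
 * The script terminates if the connection or the query fails.
 */
function getField()
{
	include "../common/db.inc";
	$mysqli = new mysqli($host,$username,$password,$dbname);

	// Check the connection before calling any method on it.
	if(mysqli_connect_errno())
	{
		echo "Connect failed: ".mysqli_connect_errno();
		exit();
	}

	// Set the charset once; the original called set_charset twice.
	if(!$mysqli->set_charset("utf8"))
	{
		// NOTE(review): this prints the driver error text to the client.
		echo "Lỗi load font utf8: ".$mysqli->error;
	}//end if

	$sql="CALL sp_GetAllField()";
	$result = $mysqli->query($sql);

	if ($mysqli->errno || !($result instanceof mysqli_result))
	{
		// NOTE(review): the raw database error goes to the client here. Consider logging
		// it server-side and returning a generic message instead.
		die($mysqli->errno.": ".$mysqli->error);
	}

	$i = 0;
	echo "<table>";
	while($row = $result->fetch_object())
	{
		if($i == 0)
		{
			echo "<tr>";
		}//end if

		// Escape database values for the HTML attribute and text contexts, so a stored
		// name that contains markup is shown as text rather than interpreted.
		$id = htmlspecialchars((string)$row->ID, ENT_QUOTES, 'UTF-8');
		$label = htmlspecialchars((string)$row->Name, ENT_QUOTES, 'UTF-8');

		echo "<td>";
		echo "<input type='checkbox' name='checkbox[]' value='$id'>$label";
		echo "</td>";
		$i++;

		if($i > 2)
		{
			echo "</tr>";
			$i = 0;
		}//end if
	}// end while

	// Close a final row holding fewer than three cells; the original left it open.
	if($i != 0)
	{
		echo "</tr>";
	}//end if

	echo "</table>";

	$result->free();
	$mysqli->close();
}//end function getField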

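/**
 * Check whether an email address belongs to the given login name.
 *
 * Looks the email up through the sp_GetUserByEmail stored procedure and compares the
 * Name column of the first returned row with $userName.
 *
 * @param string $userName Login name supplied by the caller.
 * @param string $mail     Email address supplied by the caller.
 * @return int 1 when the email belongs to $userName, -1 when it belongs to a different
 *             login name, 0 when no row is returned or the query fails.
 */
function KTEmailRecovery($userName,$mail)
{
	$i = 0;
	include "../common/db.inc";
	$mysqli = new mysqli($host,$username,$password,$dbname);

	// Check the connection before calling any method on it.
	if(mysqli_connect_errno())
	{
		echo "Connect failed: ".mysqli_connect_errno();
		exit();
	}

	// Set the charset once (the original called set_charset twice) and before
	// real_escape_string(), which escapes according to it.
	if(!$mysqli->set_charset("utf8"))
	{
		// NOTE(review): this prints the driver error text to the client.
		echo "Lỗi load font utf8: ".$mysqli->error;
	}//end if

	$mail = $mysqli->real_escape_string($mail);
	$sql="CALL sp_GetUserByEmail('$mail')";
	$result = $mysqli->query($sql);

	// query() returns false on failure; the original dereferenced it unconditionally.
	if($result instanceof mysqli_result)
	{
		if($result->num_rows > 0)
		{
			$row = $result->fetch_object();
			if(strcmp($row->Name,$userName) === 0)
			{
				$i = 1;// the email matches the login name
			}
			else
			{
				$i = -1;// the email belongs to a different login name
			}
		}//end if
		$result->free();
	}//end if

	$mysqli->close();
	return $i;
}//end function KTEmailRecovery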

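/**
 * Check a user's current password.
 *
 * Loads the user through the sp_GetUserByName stored procedure and compares the Pass
 * column of the first returned row with md5($oldpass).
 *
 * NOTE(review): the stored value is an unsalted MD5 digest, which is not suitable for
 * password storage. Moving to password_hash()/password_verify() requires a data
 * migration and cannot be done in this function alone.
 *
 * @param string $userName Login name to look up.
 * @param string $oldpass  Plain-text password to verify.
 * @return int 1 when the digest matches; 0 when it does not, no row is returned, or
 *             the query fails.
 */
function KTOldPass($userName,$oldpass)
{
	$i = 0;
	include "../common/db.inc";
	$mysqli = new mysqli($host,$username,$password,$dbname);

	// Check the connection before calling any method on it.
	if(mysqli_connect_errno())
	{
		echo "Connect failed: ".mysqli_connect_errno();
		exit();
	}

	// Set the charset once (the original called set_charset twice) and before
	// real_escape_string(), which escapes according to it.
	if(!$mysqli->set_charset("utf8"))
	{
		// NOTE(review): this prints the driver error text to the client.
		echo "Lỗi load font utf8: ".$mysqli->error;
	}//end if

	$userName = $mysqli->real_escape_string($userName);
	$sql="CALL sp_GetUserByName('$userName')";
	$result = $mysqli->query($sql);

	// query() returns false on failure; the original dereferenced it unconditionally.
	if($result instanceof mysqli_result)
	{
		if($result->num_rows > 0)
		{
			$row = $result->fetch_object();
			// Constant-time comparison of the two digests. The cast covers a NULL Pass
			// column, which can then never equal a 32-character MD5 string.
			if(hash_equals((string)$row->Pass, md5($oldpass)))
			{
				$i = 1;
			}
		}//end if
		$result->free();
	}//end if

	$mysqli->close();
	return $i;
}//end function KTOldPass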


?>
